Report - knaben.info.atlaq.com/

Report Overview

Visited public
2023-11-21 09:39:27
Tags
URL
knaben.info.atlaq.com/
Finishing URL
knaben.info.atlaq.com/
IP / ASN
104.21.64.58
#13335 CLOUDFLARENET
Title
Knaben's Proxy List

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
preview.atlaq.com	unknown	2019-04-07	2023-10-16 11:41:32	2023-11-19 12:52:30	482 B	99 kB	188.114.96.1
knaben.info.atlaq.com	unknown	unknown	No data	No data	1.3 kB	52 kB	172.67.176.167
whulsaux.com	unknown	2023-01-04	2023-01-04 17:10:35	2023-11-20 07:31:52	1.9 kB	33 kB	139.45.197.244
amunfezanttor.com	unknown	2023-03-31	2023-03-31 14:42:42	2023-11-19 05:09:41	1.5 kB	1.5 kB	139.45.197.250
commissionfactory.com	371280	unknown	No data	No data	395 B	407 B	40.82.218.196
www.articleforge.com	unknown	unknown	2017-02-13 23:00:50	2023-03-07 08:31:58	780 B	8.2 kB	96.30.4.44
www.commissionfactory.com	unknown	2011-02-17	2014-10-19 01:24:58	2023-04-12 10:57:42	413 B	15 kB	40.82.218.196
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-11-21 05:11:06	1.1 kB	1.5 kB	139.45.195.8
doge.investments	unknown	unknown	No data	No data	392 B	0 B	0.0.0.0
qureka.com	117779	unknown	No data	No data	386 B	0 B	0.0.0.0
bookmarkinghost.info	15337	unknown	No data	No data	394 B	1.3 kB	154.49.138.185
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-21 07:28:38	892 B	143 kB	142.250.74.168
itweepinbelltor.com	116495	2021-08-11	2021-08-11 13:34:00	2023-11-20 08:34:11	5.1 kB	164 kB	139.45.197.250
articleforge.com	8667	unknown	No data	No data	390 B	507 B	96.30.4.44
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-11-21 05:09:05	739 B	452 B	216.239.34.36
t1.gstatic.com	unknown	2008-02-11	2013-05-07 00:57:20	2023-11-20 11:02:20	2.6 kB	11 kB	142.250.74.132
atlaq.com	460385	2019-04-07	2019-04-10 14:32:55	2023-11-19 12:52:29	850 B	163 kB	188.114.96.1
traffic.alexa.com	381412	1996-07-17	2012-05-20 23:46:11	2021-05-14 12:40:47	978 B	0 B	0.0.0.0
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-11-21 07:42:06	576 B	578 B	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-21	medium	whulsaux.com	Sinkholed
2023-11-21	medium	whulsaux.com	Sinkholed
2023-11-21	medium	amunfezanttor.com	Sinkholed
2023-11-21	medium	amunfezanttor.com	Sinkholed
2023-11-21	medium	amunfezanttor.com	Sinkholed
2023-11-21	medium	whulsaux.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-85346163-2	135 kB	2023-11-21 10:39	2023-11-21 10:39
Pretty URL www.googletagmanager.com/gtag/js?id=UA-85346163-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 10:39 Last Seen2023-11-21 10:39 Times Seen1 Hash 7698c38d66236ce878332fd0b7b9c575 383d17889416513217a45f91f6426414874a36f7 3d2a1dd7aa36481a4b1e0b50536731bfa9c66837f91f79aa9228e6a0062a0c45 Loading...

	unknown	88 kB	2023-11-02 10:05	2024-08-20 21:23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 10:05 Last Seen2024-08-20 21:23 Times Seen2914 Hash d46d2997ab218d1dba1ab614422ed53f 3f1f6b9847c8ad209835db366c62fcb209b83a67 09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42 Loading...

	unknown	154 B	2024-08-20 18:30	2024-08-20 18:30
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 18:30 Last Seen2024-08-20 18:30 Times Seen1 Hash 4b79588c7e435f543b0c07ee4385f952 16d60e1082b7864468f3db08f4766ef779359e5d 0a7876b03d20d202496eb37c48b3806935ab28643a640b90e64d0de04a6fdd9e Loading...

	unknown	157 B	2024-08-20 18:30	2024-08-20 18:30
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 18:30 Last Seen2024-08-20 18:30 Times Seen1 Hash 1b6da541883dc0c8260e4af19411ad33 70338548f54d1794114172ff79e3225b434000e5 c17f7e78096bc5f86c5e54e619f0397a0e93123993f922c428f8567d251d67df Loading...

	knaben.info.atlaq.com/	3.6 kB	2024-08-20 18:30	2024-08-20 18:30
Pretty URL knaben.info.atlaq.com/ IP 172.67.176.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 18:30 Last Seen2024-08-20 18:30 Times Seen1 Hash f12e67c145b763947c84b03d0e215d50 8f76cf5986443637512e8ea6679c9b5c3fa8beaa c1c0100d8069a53b1b02687207d3474472837d095bb547ae3de3afe26cdeeedd Loading...

	knaben.info.atlaq.com/	59 kB	2023-11-11 13:15	2024-08-20 19:59
Pretty URL knaben.info.atlaq.com/ IP 172.67.176.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 13:15 Last Seen2024-08-20 19:59 Times Seen27 Hash b19b96f2fc5eeadfd5a5852e5fbd19ab 021c13b5d0cfe7880adaff70d73a5ab6910e1cb5 4be0a27e37a47491b51c4eb6ea1423d82483806e6ce015132a40a0ccb1e96c7d Loading...

	knaben.info.atlaq.com/	447 B	2023-11-11 13:15	2024-08-20 19:59
Pretty URL knaben.info.atlaq.com/ IP 172.67.176.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 13:15 Last Seen2024-08-20 19:59 Times Seen27 Hash edac1ca3689a31cc59d42a6062c37472 c02dff66418e29c297de8c4f07353942ca91bf2d 201665128cc31ad2da0fcf6cbacf714ebba47b34306525369fd8b6be99e7a07d Loading...

	itweepinbelltor.com/pfe/current/tag.min.js?z=5490114	13 kB	2023-11-02 10:05	2024-08-20 21:23
Pretty URL itweepinbelltor.com/pfe/current/tag.min.js?z=5490114 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 10:05 Last Seen2024-08-20 21:23 Times Seen2697 Hash 258578af3c107ccb907f73c3a2f4c25f 7a192edea829968fb7f57f2a2fc4cb5b612598be 1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75 Loading...

	www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c	266 kB	2023-11-21 10:39	2023-11-21 10:48
Pretty URL www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 10:39 Last Seen2023-11-21 10:48 Times Seen2 Hash dfa0871ce05ba8a64667d32466825ba8 004a0dbbb593fbbb1cc1c0e08f17a263c5413829 aa37baad6952274ca1c9df74ac77e64430691cb6a0391e9f45de0c45dfb7dc7f Loading...

	whulsaux.com/tag.min.js	81 kB	2023-11-20 14:09	2023-11-22 07:50
Pretty URL whulsaux.com/tag.min.js IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 14:09 Last Seen2023-11-22 07:50 Times Seen70 Hash 8f3daac0b4e1235a329bc4f74b63e842 f7aff3e9ac6825cad31d330b90b48f04ef43ac3f 241ec5cdfae74b605a11d0811dfea6c18fc14c947756e5fb3dc61fe70d4c9001 Loading...

	unknown	26 kB	2023-03-07 01:18	2024-10-26 14:27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2024-10-26 14:27 Times Seen1733 Hash a912e7afe74b51fdd03b28bf67e7d409 85004dfe087af5a730261c85262661d89b3d2516 706b3882753d8f81cfcf35aa2623303b1b380c8106686a4ad12a1fae23cf4650 Loading...

	knaben.info.atlaq.com/sandbox%20eval%20code	147 B	2023-04-11 21:07	2024-11-28 23:31
Pretty URL knaben.info.atlaq.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2024-11-28 23:31 Times Seen282599 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	knaben.info.atlaq.com/	154 B	2023-03-10 11:07	2024-11-28 20:47
Pretty URL knaben.info.atlaq.com/ IP 172.67.176.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 11:07 Last Seen2024-11-28 20:47 Times Seen69 Hash 556aedec3c17b1047b6ea5b24555b6b3 bc98386bf7c5d5088b545befbe3f36738874ca18 25b0f8074b7996c02b28918d9dec52e00501eee8990db393f4a0624d136a828e Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11 21:07	2024-11-28 23:31
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2024-11-28 23:31 Times Seen281799 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	147 B	2024-08-20 18:30	2024-08-20 18:30
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 18:30 Last Seen2024-08-20 18:30 Times Seen1 Hash f2d4d4ed9e164bf515e6ef3ffc0ff6cb b3d70f06c07f2c5080de411631e650b772aad3c3 f448a90532ecd96ac93017846faa4e48e2789fa2b6ae9df6cca7ef928ccffed7 Loading...

	unknown	153 B	2024-08-20 18:30	2024-08-20 18:30
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 18:30 Last Seen2024-08-20 18:30 Times Seen1 Hash 9fdf9338374f7a98bd29fe16cfed8539 0889f7f94fa338e19b3adc9c34ae1fa0246fe46a 4da9edb087cd01a64aaa2bbf31c202183674d7da90e504cd72ce1c2fb7c2015f Loading...

		Size	First Seen	Last Seen
	#1 Write - 82d115f6a9cd4c80b94acfb06799c36f	51 kB	2024-08-20 18:30	2024-08-20 18:30
Pretty Observations First Seen2024-08-20 18:30 Last Seen2024-08-20 18:30 Times Seen1 Hash 82d115f6a9cd4c80b94acfb06799c36f 95d523967daaa45657354e97170a45b036159cd6 6b4ff011c4ab43f2985b48700258129f7022671085dc9ed396ea00e452b2c051 Loading...

HTTP Transactions (43)

URL IP Response Size

atlaq.com/logo.png

188.114.96.1

200 OK

117 kB

URL GET HTTP/2
atlaq.com/logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint1E:C6:84:53:3B:FF:CE:FF:8F:8C:9D:8B:3A:69:3F:E5:28:C8:F4:A5
ValidityWed, 26 Apr 2023 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT

File type
PNG image data, 500 x 446, 8-bit/color RGBA, non-interlaced\012- data
Size
117 kB (117433 bytes)
Hash
792b74959e26cd37fd05dfcd0ef07770
c6e3ed2dd9771b077daf93eda5773cd10d621147
7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b

HTTP Headers

GET /logo.png HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 21 Nov 2023 09:39:09 GMT
content-type: image/png
content-length: 117433
cache-control: public, max-age=31536000
expires: Thu, 24 Oct 2024 05:27:08 GMT
last-modified: Wed, 29 Jan 2020 11:21:42 GMT
vary: User-Agent,Origin, Accept-Encoding
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2347921
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5O5yWXg%2Fc4RMpcybykoyrrKkMwz9gLJujjXR6RAfYnk9R%2F9kPswGY1%2BgW4S6xk5pbS7NIDgG6BJ1QDS%2B8q0pFWc4dCXK88ByL5fr3b0pA1DC8gQIYrKmtBJovA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8297f6c3188e56c9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-85346163-2

142.250.74.168

200 OK

52 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-85346163-2
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (2213)
Size
52 kB (51492 bytes)
Hash
7698c38d66236ce878332fd0b7b9c575
383d17889416513217a45f91f6426414874a36f7
3d2a1dd7aa36481a4b1e0b50536731bfa9c66837f91f79aa9228e6a0062a0c45

HTTP Headers

GET /gtag/js?id=UA-85346163-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Nov 2023 09:39:10 GMT
expires: Tue, 21 Nov 2023 09:39:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c

142.250.74.168

200 OK

90 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
90 kB (90040 bytes)
Hash
dfa0871ce05ba8a64667d32466825ba8
004a0dbbb593fbbb1cc1c0e08f17a263c5413829
aa37baad6952274ca1c9df74ac77e64430691cb6a0391e9f45de0c45dfb7dc7f

HTTP Headers

GET /gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Nov 2023 09:39:10 GMT
expires: Tue, 21 Nov 2023 09:39:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90040
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

itweepinbelltor.com/zone?pub=0&zone_id=5490114&is_mobile=false&domain=knaben.info.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471

139.45.197.250

200 OK

888 B

URL GET HTTP/2
itweepinbelltor.com/zone?pub=0&zone_id=5490114&is_mobile=false&domain=knaben.info.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data\012- , ASCII text, with very long lines (887)
Size
888 B (888 bytes)
Hash
5800ebd5fac46023ee5ce159af185039
69130d428356b977ec0a5bb70fe95ce3bc947b85
b299942a863006c6c8227371cc765b6eaef53616b56613001feda66f9667444f

HTTP Headers

GET /zone?pub=0&zone_id=5490114&is_mobile=false&domain=knaben.info.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: application/json; charset=utf-8
content-length: 888
x-trace-id: 546f7f47c98ff925f003737246376add
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

articleforge.com/favicon.ico

96.30.4.44

248 B

URL GET
articleforge.com/favicon.ico
IP
96.30.4.44:0
ASN
#32244 LIQUIDWEB

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuercPanel, Inc.
Subjectarticleforge.com
Fingerprint08:B0:52:66:4E:C6:7A:44:3E:8D:DC:81:7B:07:01:D3:74:00:ED:FB
ValidityMon, 23 Oct 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
248 B (248 bytes)
Hash
b3f5a806ae3b0f245e48a54df8d75acc
15af22e6c57a1815556403051cd81c05c46effba
9b41b6521e31c97f09944ab3c4a93bee517f8485c70e86551cea1042bd311984

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: articleforge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Nov 2023 09:39:09 GMT
Server: Apache
Location: https://www.articleforge.com/favicon.ico
Content-Length: 248
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

bookmarkinghost.info/favicon.ico

154.49.138.185

404 Not Found

912 B

URL GET HTTP/2
bookmarkinghost.info/favicon.ico
IP
154.49.138.185:443
ASN
#174 COGENT-174

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectbookmarkinghost.info
FingerprintF9:D7:2D:E9:32:5B:C4:66:6B:31:79:EE:9C:9E:37:2A:80:02:57:6F
ValidityMon, 13 Nov 2023 14:45:21 GMT - Sun, 11 Feb 2024 14:45:20 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (355)
Size
912 B (912 bytes)
Hash
e53fdf76753edcd8773ab17ae968bfd6
4bea38cd83442080bdf51cd1db206715f9198955
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bookmarkinghost.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: hcdn
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: text/html
content-length: 912
last-modified: Tue, 09 Jul 2019 06:18:14 GMT
etag: "999-5d2431a6-95b52a690e28d9ce;br"
content-encoding: br
platform: hostinger
x-turbo-charged-by: LiteSpeed
x-hcdn-request-id: 6418041f01b5ed7a3db3e53076b86793-fast-edge1
X-Firefox-Spdy: h2

whulsaux.com/tag.min.js

139.45.197.244

200 OK

26 kB

URL GET HTTP/2
whulsaux.com/tag.min.js
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectwhulsaux.com
FingerprintA8:C3:DA:A6:D8:7E:B2:1D:20:3B:9D:3B:86:9A:EF:7C:B3:AC:47:D7
ValidityMon, 20 Nov 2023 05:29:27 GMT - Sun, 18 Feb 2024 05:29:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25608 bytes)
Hash
8f3daac0b4e1235a329bc4f74b63e842
f7aff3e9ac6825cad31d330b90b48f04ef43ac3f
241ec5cdfae74b605a11d0811dfea6c18fc14c947756e5fb3dc61fe70d4c9001

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: text/javascript; charset=utf-8
content-length: 25608
content-encoding: br
x-trace-id: 8b7561c0894fd25cf4587058bd8eaabc
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 20 Nov 2023 12:49:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

preview.atlaq.com/42800ab75a349378ae25d24013adcaab_knaben.info.png

188.114.96.1

200 OK

99 kB

URL GET HTTP/2
preview.atlaq.com/42800ab75a349378ae25d24013adcaab_knaben.info.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint1E:C6:84:53:3B:FF:CE:FF:8F:8C:9D:8B:3A:69:3F:E5:28:C8:F4:A5
ValidityWed, 26 Apr 2023 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT

File type
PNG image data, 683 x 384, 8-bit/color RGBA, non-interlaced\012- data
Size
99 kB (98559 bytes)
Hash
d2851adcdd478c7ed0f6a2744989d615
6c5a7016a216bcf166e03c06938129cd666e7bd9
cc96301f3eb94151e8356881215a0921a490a26a7493b4ba1b85c1155c5ad618

HTTP Headers

GET /42800ab75a349378ae25d24013adcaab_knaben.info.png HTTP/1.1
Host: preview.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: image/png
content-length: 98559
x-powered-by: Express
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Sat, 21 Oct 2023 11:59:15 GMT
etag: W/"180ff-18b521a9359"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leIhuqmeA1nzhzEUh0j9dnGUMjV5MHnu1XNGlKHi5rddpsrzJke06FVIunld4dNMzSN5eDCvZ0wwLleVnbDsM%2FzQKmzQb6297fZQx0ZXngOdWUedHuIawAg0i0RR7vm1me%2F%2FKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8297f6c3088756c9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

itweepinbelltor.com/custom

139.45.197.250

200 OK

0 B

URL POST HTTP/2
itweepinbelltor.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://knaben.info.atlaq.com/
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

itweepinbelltor.com/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
itweepinbelltor.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Content-Type: application/json
Content-Length: 379
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0112b34f7380720d7880771e5204ea16
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

knaben.info.atlaq.com/

172.67.176.167

200 OK

0 B

URL User Request GET HTTP/2
knaben.info.atlaq.com/
IP
172.67.176.167:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint02:E3:5A:1C:61:EF:0D:0D:61:F4:62:6A:0D:1D:F4:0F:71:26:C4:8E
ValidityFri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: knaben.info.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=2592000
cf-railgun: direct (waiting for pending WAN connection)
expires: Thu, 21 Dec 2023 03:34:29 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcqY2%2F6dvm0G8G9cQ9v1Oer2jobWkjffgaGBU141BytzesunhGhd6JMuFRvb5wvO4cPIcHjCXaeeHGPjv0h0%2B8THDgHUYBaRFHSEsyxPzCxQeBu1AlVDN0vxjCRHiSP5H5Nqd4rJzrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8297f6c4c8180b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

whulsaux.com/5/6577958/?oo=1&aab=1

139.45.197.244

200 OK

1.4 kB

URL GET HTTP/2
whulsaux.com/5/6577958/?oo=1&aab=1
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectwhulsaux.com
FingerprintA8:C3:DA:A6:D8:7E:B2:1D:20:3B:9D:3B:86:9A:EF:7C:B3:AC:47:D7
ValidityMon, 20 Nov 2023 05:29:27 GMT - Sun, 18 Feb 2024 05:29:26 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
1.4 kB (1416 bytes)
Hash
d81b2a5edbb831fbc4f16beed2b3d1f8
8788edd0fc5b8a5cfa91c7c64045464e4dbacf0e
19b99d41b073134fdd055c5ef9164e2a562ed38d5ddb7f8f1ebd8d3cbd7ddb0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6577958/?oo=1&aab=1 HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: application/json
x-trace-id: cbf20475dedc9fd139e5f6eccc7d0566
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=6caa9aad526f4029bd5f0addfcca1cb7; expires=Wed, 20 Nov 2024 09:39:10 GMT; path=/; secure; SameSite=None
oaidts=1700559550; expires=Wed, 20 Nov 2024 09:39:10 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://knaben.info.atlaq.com/
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
2aaf5afe3339006c84cec9c8875501a5
d4d331d2a252c438a1c93df3da5ddbeb96ea7d28
5c857e6011f8d5c27e5d495a948338c0e57789b3d2ab73ad8de9688d9c68cdf8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Content-Type: application/json
Content-Length: 506
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

commissionfactory.com/favicon.ico

40.82.218.196

301 Moved Permanently

162 B

URL GET HTTP/2
commissionfactory.com/favicon.ico
IP
40.82.218.196:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerSectigo Limited
Subjectcommissionfactory.com
FingerprintAC:FF:D4:AA:50:A9:DB:D4:DF:04:7E:6C:46:84:D9:A8:4F:0D:94:11
ValidityWed, 12 Apr 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
573b49cac041aa7a3147a5e15a6a916b
f5711c900920fad32da60306a4d435b1e98c92bb
03cfcc3763fd424aa56bff357fd553ae2e7f943c428a73f848a145c335b68507

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: commissionfactory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
location: https://www.commissionfactory.com/favicon.ico
strict-transport-security: max-age=300
date: Tue, 21 Nov 2023 09:39:09 GMT
content-length: 162
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3b81v894672372&_p=1700559552106&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=822904690.1700559552&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1700559552&sct=1&seg=0&dl=https%3A%2F%2Fknaben.info.atlaq.com%2F&dt=Knaben%27s%20Proxy%20List&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1674

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3b81v894672372&_p=1700559552106&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=822904690.1700559552&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1700559552&sct=1&seg=0&dl=https%3A%2F%2Fknaben.info.atlaq.com%2F&dt=Knaben%27s%20Proxy%20List&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1674
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3b81v894672372&_p=1700559552106&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=822904690.1700559552&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1700559552&sct=1&seg=0&dl=https%3A%2F%2Fknaben.info.atlaq.com%2F&dt=Knaben%27s%20Proxy%20List&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1674 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://knaben.info.atlaq.com
date: Tue, 21 Nov 2023 09:39:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.articleforge.com/favicon.ico

96.30.4.44

216 B

URL GET
www.articleforge.com/favicon.ico
IP
96.30.4.44:0
ASN
#32244 LIQUIDWEB

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuercPanel, Inc.
Subjectarticleforge.com
Fingerprint08:B0:52:66:4E:C6:7A:44:3E:8D:DC:81:7B:07:01:D3:74:00:ED:FB
ValidityMon, 23 Oct 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
216 B (216 bytes)
Hash
b6c7a05c03f6b88cb003e5bb34d012db
ecb54a311999582c5c1c81a987435d19ae2702a1
151ed6983369f2fd20130885b6ed90cae94d2d2d81aada6c87c27bc4962571c9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.articleforge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 21 Nov 2023 09:39:10 GMT
Server: Apache
Location: https://www.articleforge.com/404
Content-Length: 216
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

itweepinbelltor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
itweepinbelltor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://knaben.info.atlaq.com/
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

www.articleforge.com/404

96.30.4.44

7.1 kB

URL GET
www.articleforge.com/404
IP
96.30.4.44:0
ASN
#32244 LIQUIDWEB

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuercPanel, Inc.
Subjectarticleforge.com
Fingerprint08:B0:52:66:4E:C6:7A:44:3E:8D:DC:81:7B:07:01:D3:74:00:ED:FB
ValidityMon, 23 Oct 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (552)
Size
7.1 kB (7076 bytes)
Hash
84a8b63e550692d324539ca541124fb6
749f4540b8cd6f054ccfba1b75fa6ae067d73021
5661d3c2bc0727cb5afa581eab9b5741c0a2d7f1d3198b359a5f7a44fc35d6d8

HTTP Headers

GET /404 HTTP/1.1
Host: www.articleforge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 21 Nov 2023 09:39:10 GMT
Server: Apache
Set-Cookie: SPT3-02=1; expires=Fri, 24-Nov-2023 09:39:10 GMT; Max-Age=259200; path=/
SPT3-06=1; expires=Fri, 24-Nov-2023 09:39:10 GMT; Max-Age=259200; path=/
SPT3-04=0; expires=Fri, 24-Nov-2023 09:39:10 GMT; Max-Age=259200; path=/
SPT3-05=1; expires=Fri, 24-Nov-2023 09:39:10 GMT; Max-Age=259200; path=/
SPT3-12=0; expires=Fri, 24-Nov-2023 09:39:10 GMT; Max-Age=259200; path=/
SPT3-13=1; expires=Fri, 24-Nov-2023 09:39:10 GMT; Max-Age=259200; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7076
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

itweepinbelltor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
itweepinbelltor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
8b809880b8e63f4e4c4eb537e1cdd234
9039c6cec90f2af855b83184d291638f9f944185
928db20df545d594af609329d6ce4ed13fce50836f9a2c5854e8c93ceef17848

HTTP Headers

POST /event HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Content-Type: application/json
Content-Length: 1639
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:11 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.commissionfactory.com/favicon.ico

40.82.218.196

200 OK

15 kB

URL GET HTTP/2
www.commissionfactory.com/favicon.ico
IP
40.82.218.196:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerSectigo Limited
Subjectcommissionfactory.com
FingerprintAC:FF:D4:AA:50:A9:DB:D4:DF:04:7E:6C:46:84:D9:A8:4F:0D:94:11
ValidityWed, 12 Apr 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
2377019bf29cc178d1f1e4cefdb6741f
2adda9715a4b8018b1655fafddaa380246dbaee5
627fb72f77199b79deacba85ff6848762d9f182b26fa470da56b5ba847da7978

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.commissionfactory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
last-modified: Wed, 19 Jul 2023 05:50:45 GMT
accept-ranges: bytes
etag: "cfe13bf64bad91:0"
strict-transport-security: max-age=300
date: Tue, 21 Nov 2023 09:39:09 GMT
content-length: 15086
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://doge.investments

142.250.74.132

404 Not Found

726 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://doge.investments
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://doge.investments HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 09:39:11 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=822904690.1700559552&gtm=45je3b81v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1651097761

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=822904690.1700559552&gtm=45je3b81v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1651097761
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=822904690.1700559552&gtm=45je3b81v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1651097761 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:39:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://qureka.com

142.250.74.132

404 Not Found

726 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://qureka.com
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://qureka.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 09:39:11 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=3728e98cd96e45e5af06cecf24b746ab&zoneId=5490114&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?pub=0&userId=3728e98cd96e45e5af06cecf24b746ab&zoneId=5490114&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
764e646f34cabc27447a04bb84a075bf
60159c15614e498e6234db6b82565327756b6bda
3343c5cd87dcb6751b661892130c8a177e12b9b2499e8733cb60b70e0dc75e05

HTTP Headers

GET /gid.js?pub=0&userId=3728e98cd96e45e5af06cecf24b746ab&zoneId=5490114&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Cookie: ID=6caa9aad526f4029bd5f0addfcca1cb7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6caa9aad526f4029bd5f0addfcca1cb7; expires=Wed, 20 Nov 2024 09:39:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://bookmarkinghost.info

142.250.74.132

200 OK

4.3 kB

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://bookmarkinghost.info
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4319 bytes)
Hash
6b0fd5a9fd58eb285bede35908159600
e00d10b1c776e21a7402f9c63c3e6b0d93801547
ab5cad5c713d5a7bfa12a68b82cb9653780949cba231e5cef0f90aa82d218e05

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://bookmarkinghost.info HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.bookmarkinghost.info/bookmarkinghost.info.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 4319
date: Tue, 21 Nov 2023 09:39:11 GMT
expires: Tue, 28 Nov 2023 09:39:11 GMT
cache-control: public, max-age=604800
last-modified: Thu, 18 Mar 2021 10:55:22 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://articleforge.com

142.250.74.132

200 OK

711 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://articleforge.com
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
711 B (711 bytes)
Hash
c88624ebbe7ba781de768425e88d4de0
c45cfd8af6a6791e1b053b2968ea1cf861cd0010
ede57925c35db1ff4341889df7eddd5098dbae47ce660f0bfcecebed6d072845

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://articleforge.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.articleforge.com/ico/apple-icon-72x72.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 711
date: Tue, 21 Nov 2023 09:39:11 GMT
expires: Tue, 28 Nov 2023 09:39:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://knaben.info

142.250.74.132

200 OK

1.3 kB

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://knaben.info
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1326 bytes)
Hash
13dbc677269f1af1d1ec7a75c4bec93c
101baea29356ab34e0db5408d748ea569e8e51a4
c2a220c992127c78aac43bff48b9d3a2beda04623d8c450174cc43917a7f34ec

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://knaben.info HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://knaben.info/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 1326
date: Tue, 21 Nov 2023 09:39:11 GMT
expires: Tue, 28 Nov 2023 09:39:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 25 Oct 2023 23:31:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

itweepinbelltor.com/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
itweepinbelltor.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Content-Type: application/json
Content-Length: 744
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3138b3e16b5909cd3f09107ac4d77265
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
23da388a17d10c61fa1d123e804944df
fd61f71e981f1cbfce21f148a04e7e7122e24a2e
4ba116aace334ac62e7a13e646982615c720456ed345c1211a99d6c313ac720b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Content-Type: application/json
Content-Length: 506
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:11 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

itweepinbelltor.com/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
itweepinbelltor.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Content-Type: application/json
Content-Length: 376
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 19431664bb2acb1c32dbeecca7a98983
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

whulsaux.com/?rb=3SuOrXOY1mOh0iD5KzR4mG1xCGrzh76V9gVcFcvaOFRAVfDGkOY9s8DFmbdNcBaRHjO5fyi4vugc2ZKG419HMggSFAGdt6iz2Q_kKYVI09OpSCrALcecPk6YbDZLdsTT4FztiWRJv3v2bQMjh_DFXbXFQBh5_JyX_j6Pce8f6cGOEEi2D9yJP40i9B4Vg4_ixNLeOlqJiceFB6_y7H3b4h3uklJPvazZJzmXSg%3D%3D&request_ab2=0&zoneid=6577958&js_build=iclick-v1.631.2&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fknaben.info.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.631.2&bs=7105941d-9346-4637-ac27-0713bdbfd161&userId=6caa9aad526f4029bd5f0addfcca1cb7&m=link

139.45.197.244

200 OK

2.2 kB

URL GET HTTP/2
whulsaux.com/?rb=3SuOrXOY1mOh0iD5KzR4mG1xCGrzh76V9gVcFcvaOFRAVfDGkOY9s8DFmbdNcBaRHjO5fyi4vugc2ZKG419HMggSFAGdt6iz2Q_kKYVI09OpSCrALcecPk6YbDZLdsTT4FztiWRJv3v2bQMjh_DFXbXFQBh5_JyX_j6Pce8f6cGOEEi2D9yJP40i9B4Vg4_ixNLeOlqJiceFB6_y7H3b4h3uklJPvazZJzmXSg%3D%3D&request_ab2=0&zoneid=6577958&js_build=iclick-v1.631.2&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fknaben.info.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.631.2&bs=7105941d-9346-4637-ac27-0713bdbfd161&userId=6caa9aad526f4029bd5f0addfcca1cb7&m=link
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectwhulsaux.com
FingerprintA8:C3:DA:A6:D8:7E:B2:1D:20:3B:9D:3B:86:9A:EF:7C:B3:AC:47:D7
ValidityMon, 20 Nov 2023 05:29:27 GMT - Sun, 18 Feb 2024 05:29:26 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2232), with no line terminators
Size
2.2 kB (2202 bytes)
Hash
e424b9faa10b0b396d3b6ca39addb157
b8962848130ae31d2da1ce321c03e5d58318777c
59307db8703264b0b49da26976edb36a02f7e38f3d03cfceb1e0b8082353f60a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=3SuOrXOY1mOh0iD5KzR4mG1xCGrzh76V9gVcFcvaOFRAVfDGkOY9s8DFmbdNcBaRHjO5fyi4vugc2ZKG419HMggSFAGdt6iz2Q_kKYVI09OpSCrALcecPk6YbDZLdsTT4FztiWRJv3v2bQMjh_DFXbXFQBh5_JyX_j6Pce8f6cGOEEi2D9yJP40i9B4Vg4_ixNLeOlqJiceFB6_y7H3b4h3uklJPvazZJzmXSg%3D%3D&request_ab2=0&zoneid=6577958&js_build=iclick-v1.631.2&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fknaben.info.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.631.2&bs=7105941d-9346-4637-ac27-0713bdbfd161&userId=6caa9aad526f4029bd5f0addfcca1cb7&m=link HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Cookie: OAID=6caa9aad526f4029bd5f0addfcca1cb7; oaidts=1700559550
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: application/json
x-trace-id: c8024d8b54ca5c00829a428f458bbe37
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6caa9aad526f4029bd5f0addfcca1cb7; expires=Wed, 20 Nov 2024 09:39:10 GMT; path=/; secure; SameSite=None
oaidts=1700559550; expires=Wed, 20 Nov 2024 09:39:10 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 28 Nov 2023 09:39:10 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

knaben.info.atlaq.com/badk.txt

172.67.176.167

200 OK

44 kB

URL GET HTTP/3
knaben.info.atlaq.com/badk.txt
IP
172.67.176.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint02:E3:5A:1C:61:EF:0D:0D:61:F4:62:6A:0D:1D:F4:0F:71:26:C4:8E
ValidityFri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT

File type
ASCII text
Size
44 kB (43852 bytes)
Hash
f4245877e1f9b8764acbac7b475ebf2d
7471a9d7354637651fa5d0200febe7ab162fb69a
bd300473a295a173716b1b182aed7c14e3551f7400360dd5f694115683ccd41c

HTTP Headers

GET /badk.txt HTTP/1.1
Host: knaben.info.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=2592000
cf-railgun: direct (starting new WAN connection)
expires: Thu, 21 Dec 2023 09:39:10 GMT
last-modified: Mon, 13 Apr 2020 08:00:16 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS%2FTMG0r9GWtJxZiqNzQ74OavFt4NGhXPCbeP9oKzXa9ev9RrLsQUQxJgz%2FP3E88bCUm1Dk9j%2FWzAmmJWVbdclvT6LbWzyJ9qTXouPg%2Fht%2Bm5sMHHbsRNQS656LmsPbYwcj2mOajZQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8297f6c498040b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=knaben.info

0.0.0.0

0 B

URL GET
traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=knaben.info
IP
0.0.0.0:0
ASN
#0

Requested by
https://knaben.info.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=knaben.info HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=knaben.info

0.0.0.0

0 B

URL GET
traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=knaben.info
IP
0.0.0.0:0
ASN
#0

Requested by
https://knaben.info.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=knaben.info HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

my.rtmark.net/gid.js?userId=6caa9aad526f4029bd5f0addfcca1cb7

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=6caa9aad526f4029bd5f0addfcca1cb7
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
547b84e494bfef0dfa8c388d9521ba1f
935520d266c35f763a66755a1e6618a3cc234408
1e9ee6b55c52364aa81c24e37b2fef6274115446cd6a0e5d196528f522c23555

HTTP Headers

GET /gid.js?userId=6caa9aad526f4029bd5f0addfcca1cb7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6caa9aad526f4029bd5f0addfcca1cb7; expires=Wed, 20 Nov 2024 09:39:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.471

139.45.197.250

200 OK

88 kB

URL GET HTTP/2
itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87852 bytes)
Hash
d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: application/javascript
last-modified: Tue, 21 Nov 2023 08:28:54 GMT
etag: W/"655c6a46-1572c"
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

atlaq.com/style.css

188.114.96.1

200 OK

44 kB

URL GET HTTP/2
atlaq.com/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint1E:C6:84:53:3B:FF:CE:FF:8F:8C:9D:8B:3A:69:3F:E5:28:C8:F4:A5
ValidityWed, 26 Apr 2023 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6732)
Size
44 kB (43872 bytes)
Hash
611e414a545a0c84fe6c111b9a4c3722
7fe2addc3373777aeb6de31caaf66f800049dd59
b5fc73fd3ef4ac8eda80826c1f684294f136c3d03c4afed7e7cd59a3f6a5a146

HTTP Headers

GET /style.css HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 21 Nov 2023 09:39:09 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 06:07:01 GMT
last-modified: Tue, 25 Oct 2022 04:42:27 GMT
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2345528
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktto2oGJElrGfwxP9jdd1AU41iOoWkzpi4pJCiJcbCTfIfPcfLX7opLlQ5F31gDoVy6zeWipupCwRoXMnzuZ5RibJ5Q4pT0FE1gDXDrsjlpkvJE5omqRLhsks10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8297f6c3189056c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

doge.investments/favicon.ico

0.0.0.0

0 B

URL GET
doge.investments/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://knaben.info.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: doge.investments
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

itweepinbelltor.com/pfe/current/defaultSkin.min.js

139.45.197.250

200 OK

57 kB

URL GET HTTP/2
itweepinbelltor.com/pfe/current/defaultSkin.min.js
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type

Size
57 kB (57187 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
Origin: https://knaben.info.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:11 GMT
content-type: application/javascript
last-modified: Tue, 21 Nov 2023 08:28:54 GMT
etag: W/"655c6a46-df63"
access-control-allow-origin: https://knaben.info.atlaq.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

qureka.com/favicon.ico

0.0.0.0

0 B

URL GET
qureka.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://knaben.info.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: qureka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

itweepinbelltor.com/pfe/current/tag.min.js?z=5490114

139.45.197.250

200 OK

13 kB

URL GET HTTP/2
itweepinbelltor.com/pfe/current/tag.min.js?z=5490114
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
C source, ASCII text, with very long lines (13300), with no line terminators
Size
13 kB (13300 bytes)
Hash
258578af3c107ccb907f73c3a2f4c25f
7a192edea829968fb7f57f2a2fc4cb5b612598be
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75

HTTP Headers

GET /pfe/current/tag.min.js?z=5490114 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://knaben.info.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 09:39:10 GMT
content-type: application/javascript
last-modified: Tue, 21 Nov 2023 08:28:54 GMT
etag: W/"655c6a46-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

knaben.info.atlaq.com/sw-5490114.js

172.67.176.167

404 Not Found

4.8 kB

URL GET HTTP/3
knaben.info.atlaq.com/sw-5490114.js
IP
172.67.176.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://knaben.info.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint02:E3:5A:1C:61:EF:0D:0D:61:F4:62:6A:0D:1D:F4:0F:71:26:C4:8E
ValidityFri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5213), with no line terminators
Size
4.8 kB (4828 bytes)
Hash
0b948a02e2696753bcdb4520f0589aa0
f697d5ce02d24b902c104fba13eefc36736e931b
78de08c576c4e4de3351cebf750102fb2e7aabe6459d0dd27e6672365ade8dea

HTTP Headers

GET /sw-5490114.js HTTP/1.1
Host: knaben.info.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://knaben.info.atlaq.com/
DNT: 1
Connection: keep-alive
Cookie: _ga_FPZ0VEL1WQ=GS1.1.1700559552.1.0.1700559552.60.0.0; _ga=GA1.1.822904690.1700559552
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 21 Nov 2023 09:39:11 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31536000
expires: Mon, 18 Dec 2023 21:06:35 GMT
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-expose-headers: Content-Disposition
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cA%2B4L%2BPksj7y7z83shcnadLA8uRKK9nxliiCNYIK%2F3MRuOqFrAGrVZQCcqdxkAh9tGGpd4cdv8YILCjBcfNdR%2FzW%2B%2FJiuo7VdERjS3DC8J2FAcWCQSFjSXPyZpoeHnbouhuCZ9glX0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8297f6c7ba9f0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP